Systemd Fedora 25 启动脚本权限被拒绝

tag-icon tag-icon systemd startup
Systemd Fedora 25 启动脚本权限被拒绝

我一直在关注大量关于如何为 systemd(Vbox 上的 Fedora 25)编写启动脚本的教程。但是,我无法让它发挥作用。

/home/dario/Desktop/unix/SYSTEMD/print_date.sh这是我要运行的bash 脚本:

#!/bin/bash
date > startup_date

我更改了文件的权限,chmod 755 print_date.sh

我创建了服务文件/etc/systemd/system/print_date.service(这只是最后一个版本,我尝试了许多其他迭代):

[Unit]
Description=Example startup script
After=multi-user.target

[Service]
Type=forking
ExecStart=/home/dario/Desktop/unix/SYSTEMD/print_date.sh
User=root
Group=root

[Install]
WantedBy=multi-user.target

我跑

systemctl daemon-reload
systemctl enable print_date

并在不重新启动的情况下进行测试

systemctl start print_date

这给了我错误

[root@dario SYSTEMD]# systemctl start print_date
Job for print_date.service failed because the control process exited with error code.
See "systemctl status print_date.service" and "journalctl -xe" for details.

如果我尝试使用journal -xn 调试它,结果是:

[root@dario SYSTEMD]# journalctl -xn
-- Logs begin at Wed 2016-12-28 13:03:41 PST, end at Sat 2017-03-18 12:25:39 PDT. --
Mar 18 12:25:35 dario systemd[4143]: print_date.service: Failed at step EXEC spawning /home/dario/Desktop/unix/SYSTEMD/print_date.sh: Permissi
-- Subject: Process /home/dario/Desktop/unix/SYSTEMD/print_date.sh could not be executed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- The process /home/dario/Desktop/unix/SYSTEMD/print_date.sh could not be executed and failed.
-- 
-- The error number returned by this process is 13.
Mar 18 12:25:35 dario systemd[1]: print_date.service: Control process exited, code=exited status=203
Mar 18 12:25:35 dario systemd[1]: Failed to start Example startup script.
-- Subject: Unit print_date.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit print_date.service has failed.
-- 
-- The result is failed.
Mar 18 12:25:35 dario systemd[1]: print_date.service: Unit entered failed state.
Mar 18 12:25:35 dario audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=print_date
Mar 18 12:25:35 dario systemd[1]: print_date.service: Failed with result 'exit-code'.
Mar 18 12:25:38 dario dbus-daemon[682]: [system] Activating service name='org.fedoraproject.Setroubleshootd' requested by ':1.36' (uid=0 pid=6
Mar 18 12:25:38 dario dbus-daemon[682]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'

答案1

我已经找到了适合我的答案。但是,如果您有一个不像我的那么彻底的解决方案,请详细说明。

就我而言,问题依赖于 SELinux 默认模式,该模式设置为执行。通过将 SELinux 设置为宽容的我可以允许我的脚本在启动时运行(以及每当我使用 systemctl start 测试它时..)。

我不太了解 SELinux 的细节,感觉就像我在搞乱比我更大的东西。我邀请其他人以更专业的方式扩展这个解决方案。

/etc/selinux/config

设置线

SELINUX = enforcing


SELINUX = permissive

它将允许执行启动文件。问候。

相关内容